<!DOCTYPE html>
<html lang="zh-CN">
<head>
  <meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=2">
<meta name="theme-color" content="#222">
<meta name="generator" content="Hexo 5.3.0">
  <link rel="apple-touch-icon" sizes="180x180" href="/images/avatar.jpg">
  <link rel="icon" type="image/png" sizes="32x32" href="/images/avatar.jpg">
  <link rel="icon" type="image/png" sizes="16x16" href="/images/avatar.jpg">
  <link rel="mask-icon" href="/images/logo.svg" color="#222">

<link rel="stylesheet" href="/css/main.css">


<link rel="stylesheet" href="/lib/font-awesome/css/font-awesome.min.css">

<script id="hexo-configurations">
    var NexT = window.NexT || {};
    var CONFIG = {"hostname":"yoursite.com","root":"/","scheme":"Mist","version":"7.7.2","exturl":false,"sidebar":{"position":"left","display":"post","padding":18,"offset":12,"onmobile":false},"copycode":{"enable":false,"show_result":false,"style":null},"back2top":{"enable":true,"sidebar":false,"scrollpercent":false},"bookmark":{"enable":false,"color":"#222","save":"auto"},"fancybox":false,"mediumzoom":false,"lazyload":false,"pangu":false,"comments":{"style":"tabs","active":null,"storage":true,"lazyload":false,"nav":null},"algolia":{"hits":{"per_page":10},"labels":{"input_placeholder":"Search for Posts","hits_empty":"We didn't find any results for the search: ${query}","hits_stats":"${hits} results found in ${time} ms"}},"localsearch":{"enable":false,"trigger":"auto","top_n_per_article":1,"unescape":false,"preload":false},"motion":{"enable":true,"async":false,"transition":{"post_block":"fadeIn","post_header":"slideDownIn","post_body":"slideDownIn","coll_header":"slideLeftIn","sidebar":"slideUpIn"}}};
  </script>

  <meta name="description" content="信息泄露整理">
<meta property="og:type" content="article">
<meta property="og:title" content="信息泄露">
<meta property="og:url" content="http://yoursite.com/2021/01/22/security/%E4%BF%A1%E6%81%AF%E6%B3%84%E9%9C%B2/index.html">
<meta property="og:site_name" content="Shouquan">
<meta property="og:description" content="信息泄露整理">
<meta property="og:locale" content="zh_CN">
<meta property="article:published_time" content="2021-01-22T08:09:28.465Z">
<meta property="article:modified_time" content="2021-01-24T03:03:21.245Z">
<meta property="article:author" content="shou quan">
<meta property="article:tag" content="信息泄露">
<meta name="twitter:card" content="summary">

<link rel="canonical" href="http://yoursite.com/2021/01/22/security/%E4%BF%A1%E6%81%AF%E6%B3%84%E9%9C%B2/">


<script id="page-configurations">
  // https://hexo.io/docs/variables.html
  CONFIG.page = {
    sidebar: "",
    isHome : false,
    isPost : true
  };
</script>

  <title>信息泄露 | Shouquan</title>
  






  <noscript>
  <style>
  .use-motion .brand,
  .use-motion .menu-item,
  .sidebar-inner,
  .use-motion .post-block,
  .use-motion .pagination,
  .use-motion .comments,
  .use-motion .post-header,
  .use-motion .post-body,
  .use-motion .collection-header { opacity: initial; }

  .use-motion .site-title,
  .use-motion .site-subtitle {
    opacity: initial;
    top: initial;
  }

  .use-motion .logo-line-before i { left: initial; }
  .use-motion .logo-line-after i { right: initial; }
  </style>
</noscript>

</head>

<body itemscope itemtype="http://schema.org/WebPage">
  <div class="container use-motion">
    <div class="headband"></div>

    <header class="header" itemscope itemtype="http://schema.org/WPHeader">
      <div class="header-inner"><div class="site-brand-container">
  <div class="site-nav-toggle">
    <div class="toggle" aria-label="切换导航栏">
      <span class="toggle-line toggle-line-first"></span>
      <span class="toggle-line toggle-line-middle"></span>
      <span class="toggle-line toggle-line-last"></span>
    </div>
  </div>

  <div class="site-meta">

    <div>
      <a href="/" class="brand" rel="start">
        <span class="logo-line-before"><i></i></span>
        <span class="site-title">Shouquan</span>
        <span class="logo-line-after"><i></i></span>
      </a>
    </div>
  </div>

  <div class="site-nav-right">
    <div class="toggle popup-trigger">
    </div>
  </div>
</div>


<nav class="site-nav">
  
  <ul id="menu" class="menu">
        <li class="menu-item menu-item-home">

    <a href="/" rel="section"><i class="fa fa-fw fa-home"></i>首页</a>

  </li>
        <li class="menu-item menu-item-about">

    <a href="/about/" rel="section"><i class="fa fa-fw fa-user"></i>关于</a>

  </li>
        <li class="menu-item menu-item-tags">

    <a href="/tags/" rel="section"><i class="fa fa-fw fa-tags"></i>标签</a>

  </li>
        <li class="menu-item menu-item-categories">

    <a href="/categories/" rel="section"><i class="fa fa-fw fa-th"></i>分类</a>

  </li>
        <li class="menu-item menu-item-archives">

    <a href="/archives/" rel="section"><i class="fa fa-fw fa-archive"></i>归档</a>

  </li>
        <li class="menu-item menu-item-sitemap">

    <a href="/sitemap.xml" rel="section"><i class="fa fa-fw fa-sitemap"></i>站点地图</a>

  </li>
  </ul>

</nav>
</div>
    </header>

    
  <div class="back-to-top">
    <i class="fa fa-arrow-up"></i>
    <span>0%</span>
  </div>


    <main class="main">
      <div class="main-inner">
        <div class="content-wrap">
          

          <div class="content">
            

  <div class="posts-expand">
      
  
  
  <article itemscope itemtype="http://schema.org/Article" class="post-block " lang="zh-CN">
    <link itemprop="mainEntityOfPage" href="http://yoursite.com/2021/01/22/security/%E4%BF%A1%E6%81%AF%E6%B3%84%E9%9C%B2/">

    <span hidden itemprop="author" itemscope itemtype="http://schema.org/Person">
      <meta itemprop="image" content="/images/avatar.jpg">
      <meta itemprop="name" content="shou quan">
      <meta itemprop="description" content="">
    </span>

    <span hidden itemprop="publisher" itemscope itemtype="http://schema.org/Organization">
      <meta itemprop="name" content="Shouquan">
    </span>
      <header class="post-header">
        <h1 class="post-title" itemprop="name headline">
          信息泄露
        </h1>

        <div class="post-meta">
            <span class="post-meta-item">
              <span class="post-meta-item-icon">
                <i class="fa fa-calendar-o"></i>
              </span>
              <span class="post-meta-item-text">发表于</span>

              <time title="创建时间：2021-01-22 16:09:28" itemprop="dateCreated datePublished" datetime="2021-01-22T16:09:28+08:00">2021-01-22</time>
            </span>
              <span class="post-meta-item">
                <span class="post-meta-item-icon">
                  <i class="fa fa-calendar-check-o"></i>
                </span>
                <span class="post-meta-item-text">更新于</span>
                <time title="修改时间：2021-01-24 11:03:21" itemprop="dateModified" datetime="2021-01-24T11:03:21+08:00">2021-01-24</time>
              </span>
            <span class="post-meta-item">
              <span class="post-meta-item-icon">
                <i class="fa fa-folder-o"></i>
              </span>
              <span class="post-meta-item-text">分类于</span>
                <span itemprop="about" itemscope itemtype="http://schema.org/Thing">
                  <a href="/categories/web/" itemprop="url" rel="index"><span itemprop="name">web</span></a>
                </span>
            </span>

          
            <span id="/2021/01/22/security/%E4%BF%A1%E6%81%AF%E6%B3%84%E9%9C%B2/" class="post-meta-item leancloud_visitors" data-flag-title="信息泄露" title="阅读次数">
              <span class="post-meta-item-icon">
                <i class="fa fa-eye"></i>
              </span>
              <span class="post-meta-item-text">阅读次数：</span>
              <span class="leancloud-visitors-count"></span>
            </span>
  
  <span class="post-meta-item">
    
      <span class="post-meta-item-icon">
        <i class="fa fa-comment-o"></i>
      </span>
      <span class="post-meta-item-text">Valine：</span>
    
    <a title="valine" href="/2021/01/22/security/%E4%BF%A1%E6%81%AF%E6%B3%84%E9%9C%B2/#valine-comments" itemprop="discussionUrl">
      <span class="post-comments-count valine-comment-count" data-xid="/2021/01/22/security/%E4%BF%A1%E6%81%AF%E6%B3%84%E9%9C%B2/" itemprop="commentCount"></span>
    </a>
  </span>
  
  

        </div>
      </header>

    
    
    
    <div class="post-body" itemprop="articleBody">

      
        <p>信息泄露整理</p>
<a id="more"></a>

<h1 id="目录遍历"><a href="#目录遍历" class="headerlink" title="目录遍历"></a>目录遍历</h1><h2 id="原理"><a href="#原理" class="headerlink" title="原理"></a>原理</h2><p>很多web服务一般都对服务器的文件有访问权限，访问者访问网站，web服务通过路径找到对应文件并返回给访问者。但恶意的攻击者可以通过提交精心设计的路径来访问本不该被公开的文件。<br>例如</p>
<figure class="highlight php"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br></pre></td><td class="code"><pre><span class="line"><span class="meta">&lt;?php</span> </span><br><span class="line">$path = $_COOKIE[<span class="string">'path'</span>]</span><br><span class="line"><span class="keyword">include</span> (<span class="string">"/var/www/html"</span>.$path)</span><br><span class="line"><span class="meta">?&gt;</span></span><br></pre></td></tr></table></figure>
<p>当攻击者提交的path为”../../../etc/passwd”时候，web服务将会遍历到passwd文件而返回给用户</p>
<h2 id="防御"><a href="#防御" class="headerlink" title="防御"></a>防御</h2><p>（1）数据净化：通过建立文件后缀白名单对提交的的路径进行清洗，过滤包含恶意字符的请求。</p>
<p>（2）chroot监狱：使用chroot环境包含被访问的web目录，针对web进程改变它外显的根目录，使得web进程不能访问指定根目录之外的内容</p>
<h2 id="攻击"><a href="#攻击" class="headerlink" title="攻击"></a>攻击</h2><p>（1）编码绕过，尝试用不同的编码方式绕过，例如使用url编码../来绕过对恶意字符的监测</p>
<p>（2）目录限定绕过：使用~等特殊字符直接跳转到磁盘目录下</p>
<p>（3）后缀绕过：有些服务器可能会检测文件后缀，可以通过在文件后边加空字符来绕过，例如../../boot.ini%00.jpg，web应用中允许有空字符%00，但是系统API直接会在空字符位置处进行截断，变成../../boot.ini</p>
<h1 id="备用文件下载"><a href="#备用文件下载" class="headerlink" title="备用文件下载"></a>备用文件下载</h1><h2 id="原理-1"><a href="#原理-1" class="headerlink" title="原理"></a>原理</h2><p>有时候web服务的源代码可能会从网站目录获得<br>一种情况是管理员自己上传的，一般后缀为tar tar.gz zip rar bak等等<br>一种是管理员使用vim进行编辑时，因为没有正常退出vim导致的vim缓存泄露，加入源文件名为index.php，第一次交互产生的交换文件名为.index.php.swp 第二次意外退出时产生的为.index.php.swo,第三次意外退出时的交换文件为.index.php.swn</p>
<h2 id="防御-1"><a href="#防御-1" class="headerlink" title="防御"></a>防御</h2><p>（1）避免将网站源代码上传到网站目录<br>（2）对源码文件进行严格的权限限制</p>
<h2 id="攻击-1"><a href="#攻击-1" class="headerlink" title="攻击"></a>攻击</h2><p>使用disearch等工具对网站进行扫描</p>
<h1 id="git泄露"><a href="#git泄露" class="headerlink" title="git泄露"></a>git泄露</h1><h2 id="原理-2"><a href="#原理-2" class="headerlink" title="原理"></a>原理</h2><p>使用git进行版本控制和自动部署的时候，如果配置不当，可能会把.git文件夹直接部署到线上环境</p>
<h2 id="危害"><a href="#危害" class="headerlink" title="危害"></a>危害</h2><p>泄露内容包括所有该项目的源代码，私有仓库地址，配置信息，commiter的邮箱账号信息，可能的账号和密码</p>
<h2 id="攻击-2"><a href="#攻击-2" class="headerlink" title="攻击"></a>攻击</h2><p>通过githack工具获取，githack工具会解析.git/index文件，找到工程中所有的文件名，去.git/objects/文件夹下载，然后按原始目录复原</p>
<h1 id="SVN泄露"><a href="#SVN泄露" class="headerlink" title="SVN泄露"></a>SVN泄露</h1><h2 id="原理-3"><a href="#原理-3" class="headerlink" title="原理"></a>原理</h2><p>使用SVN进行版本控制和自动部署的时候，如果配置不当,可能会将.svn文件夹直接部署到线上环境</p>
<h2 id="危害-1"><a href="#危害-1" class="headerlink" title="危害"></a>危害</h2><p>源代码 SVM仓库地址，用户名密码等等</p>
<h2 id="攻击-3"><a href="#攻击-3" class="headerlink" title="攻击"></a>攻击</h2><p>使用dvcs-ripper工具获取</p>
<h1 id="HG泄露"><a href="#HG泄露" class="headerlink" title="HG泄露"></a>HG泄露</h1><p>使用HG进行版本控制和自动部署的时候，如果配置不当,可能会将.svn文件夹直接部署到线上环境</p>
<h2 id="攻击-4"><a href="#攻击-4" class="headerlink" title="攻击"></a>攻击</h2><p>使用dvcs-ripper工具获取</p>
<h1 id="DS-Store泄露"><a href="#DS-Store泄露" class="headerlink" title=".DS_Store泄露"></a>.DS_Store泄露</h1><h2 id="原理-4"><a href="#原理-4" class="headerlink" title="原理"></a>原理</h2><p>.DS_Store是macOS目录下的隐藏文件，包含当前目录结构和一些自定义信息</p>
<h2 id="危害-2"><a href="#危害-2" class="headerlink" title="危害"></a>危害</h2><p>.DS_Store文件暴漏相当于暴漏了改目录下所有内容</p>
<h2 id="攻击-5"><a href="#攻击-5" class="headerlink" title="攻击"></a>攻击</h2><p>ds_store_exp 解析.DS_Store文件并递归的下载文件到本地</p>

    </div>

    
    
    

      <footer class="post-footer">
      <div>
     
       
<div class="my_post_copyright">
<div style="text-align:center;color: #ccc;font-size:14px;">
------ 版权信息 ------</div>
 <script src="//cdn.bootcss.com/clipboard.js/1.5.10/clipboard.min.js"></script>
 
 <p><span>本文标题:</span><a href="/2021/01/22/security/%E4%BF%A1%E6%81%AF%E6%B3%84%E9%9C%B2/">信息泄露</a></p>
 <p><span>文章作者:</span><a href="/" title="访问  的个人博客"></a></p>
 <p><span>原始链接:</span><a href="/2021/01/22/security/%E4%BF%A1%E6%81%AF%E6%B3%84%E9%9C%B2/" title="信息泄露">http://yoursite.com/2021/01/22/security/%E4%BF%A1%E6%81%AF%E6%B3%84%E9%9C%B2/</a>
    <span class="copy-path"  title="点击复制文章链接"><i class="fa fa-clipboard" data-clipboard-text="http://yoursite.com/2021/01/22/security/%E4%BF%A1%E6%81%AF%E6%B3%84%E9%9C%B2/"  aria-label="复制成功！"></i></span>
 </p>
 <p><span>许可协议:</span><a rel="license" href="https://creativecommons.org/licenses/by-nc-nd/4.0/" target="_blank" title="Attribution-NonCommercial-NoDerivatives 4.0 International (CC BY-NC-ND 4.0)">本博客所有文章除特别声明外，均采用<i class="fa fa-creative-commons"></i>BY-NC-SA 许可协议。转载请注明出处！</a></p>  
</div>
<script> 
   var clipboard = new Clipboard('.fa-clipboard');
   $(".fa-clipboard").click(function(){
     clipboard.on('success', function(){
       swal({   
         title: "",   
         text: '复制成功',
         icon: "success", 
         showConfirmButton: true
         });
 	 });
   });  
</script>


     
</div>
          <div class="post-tags">
              <a href="/tags/%E4%BF%A1%E6%81%AF%E6%B3%84%E9%9C%B2/" rel="tag"># 信息泄露</a>
          </div>

        


        
    <div class="post-nav">
      <div class="post-nav-item">
    <a href="/2021/01/22/language/data_structure/sort/" rel="prev" title="常见排序算法">
      <i class="fa fa-chevron-left"></i> 常见排序算法
    </a></div>
      <div class="post-nav-item">
    <a href="/2021/01/22/security/sqlInject/" rel="next" title="SQL注入">
      SQL注入 <i class="fa fa-chevron-right"></i>
    </a></div>
    </div>
      </footer>
    
  </article>
  
  
  

  </div>


          </div>
          
    <div class="comments" id="valine-comments"></div>

<script>
  window.addEventListener('tabs:register', () => {
    let activeClass = CONFIG.comments.activeClass;
    if (CONFIG.comments.storage) {
      activeClass = localStorage.getItem('comments_active') || activeClass;
    }
    if (activeClass) {
      let activeTab = document.querySelector(`a[href="#comment-${activeClass}"]`);
      if (activeTab) {
        activeTab.click();
      }
    }
  });
  if (CONFIG.comments.storage) {
    window.addEventListener('tabs:click', event => {
      if (!event.target.matches('.tabs-comment .tab-content .tab-pane')) return;
      let commentClass = event.target.classList[1];
      localStorage.setItem('comments_active', commentClass);
    });
  }
</script>

        </div>
          
  
  <div class="toggle sidebar-toggle">
    <span class="toggle-line toggle-line-first"></span>
    <span class="toggle-line toggle-line-middle"></span>
    <span class="toggle-line toggle-line-last"></span>
  </div>

  <aside class="sidebar">
    <div class="sidebar-inner">

      <ul class="sidebar-nav motion-element">
        <li class="sidebar-nav-toc">
          文章目录
        </li>
        <li class="sidebar-nav-overview">
          站点概览
        </li>
      </ul>

      <!--noindex-->
      <div class="post-toc-wrap sidebar-panel">
          <div class="post-toc motion-element"><ol class="nav"><li class="nav-item nav-level-1"><a class="nav-link" href="#%E7%9B%AE%E5%BD%95%E9%81%8D%E5%8E%86"><span class="nav-number">1.</span> <span class="nav-text">目录遍历</span></a><ol class="nav-child"><li class="nav-item nav-level-2"><a class="nav-link" href="#%E5%8E%9F%E7%90%86"><span class="nav-number">1.1.</span> <span class="nav-text">原理</span></a></li><li class="nav-item nav-level-2"><a class="nav-link" href="#%E9%98%B2%E5%BE%A1"><span class="nav-number">1.2.</span> <span class="nav-text">防御</span></a></li><li class="nav-item nav-level-2"><a class="nav-link" href="#%E6%94%BB%E5%87%BB"><span class="nav-number">1.3.</span> <span class="nav-text">攻击</span></a></li></ol></li><li class="nav-item nav-level-1"><a class="nav-link" href="#%E5%A4%87%E7%94%A8%E6%96%87%E4%BB%B6%E4%B8%8B%E8%BD%BD"><span class="nav-number">2.</span> <span class="nav-text">备用文件下载</span></a><ol class="nav-child"><li class="nav-item nav-level-2"><a class="nav-link" href="#%E5%8E%9F%E7%90%86-1"><span class="nav-number">2.1.</span> <span class="nav-text">原理</span></a></li><li class="nav-item nav-level-2"><a class="nav-link" href="#%E9%98%B2%E5%BE%A1-1"><span class="nav-number">2.2.</span> <span class="nav-text">防御</span></a></li><li class="nav-item nav-level-2"><a class="nav-link" href="#%E6%94%BB%E5%87%BB-1"><span class="nav-number">2.3.</span> <span class="nav-text">攻击</span></a></li></ol></li><li class="nav-item nav-level-1"><a class="nav-link" href="#git%E6%B3%84%E9%9C%B2"><span class="nav-number">3.</span> <span class="nav-text">git泄露</span></a><ol class="nav-child"><li class="nav-item nav-level-2"><a class="nav-link" href="#%E5%8E%9F%E7%90%86-2"><span class="nav-number">3.1.</span> <span class="nav-text">原理</span></a></li><li class="nav-item nav-level-2"><a class="nav-link" href="#%E5%8D%B1%E5%AE%B3"><span class="nav-number">3.2.</span> <span class="nav-text">危害</span></a></li><li class="nav-item nav-level-2"><a class="nav-link" href="#%E6%94%BB%E5%87%BB-2"><span class="nav-number">3.3.</span> <span class="nav-text">攻击</span></a></li></ol></li><li class="nav-item nav-level-1"><a class="nav-link" href="#SVN%E6%B3%84%E9%9C%B2"><span class="nav-number">4.</span> <span class="nav-text">SVN泄露</span></a><ol class="nav-child"><li class="nav-item nav-level-2"><a class="nav-link" href="#%E5%8E%9F%E7%90%86-3"><span class="nav-number">4.1.</span> <span class="nav-text">原理</span></a></li><li class="nav-item nav-level-2"><a class="nav-link" href="#%E5%8D%B1%E5%AE%B3-1"><span class="nav-number">4.2.</span> <span class="nav-text">危害</span></a></li><li class="nav-item nav-level-2"><a class="nav-link" href="#%E6%94%BB%E5%87%BB-3"><span class="nav-number">4.3.</span> <span class="nav-text">攻击</span></a></li></ol></li><li class="nav-item nav-level-1"><a class="nav-link" href="#HG%E6%B3%84%E9%9C%B2"><span class="nav-number">5.</span> <span class="nav-text">HG泄露</span></a><ol class="nav-child"><li class="nav-item nav-level-2"><a class="nav-link" href="#%E6%94%BB%E5%87%BB-4"><span class="nav-number">5.1.</span> <span class="nav-text">攻击</span></a></li></ol></li><li class="nav-item nav-level-1"><a class="nav-link" href="#DS-Store%E6%B3%84%E9%9C%B2"><span class="nav-number">6.</span> <span class="nav-text">.DS_Store泄露</span></a><ol class="nav-child"><li class="nav-item nav-level-2"><a class="nav-link" href="#%E5%8E%9F%E7%90%86-4"><span class="nav-number">6.1.</span> <span class="nav-text">原理</span></a></li><li class="nav-item nav-level-2"><a class="nav-link" href="#%E5%8D%B1%E5%AE%B3-2"><span class="nav-number">6.2.</span> <span class="nav-text">危害</span></a></li><li class="nav-item nav-level-2"><a class="nav-link" href="#%E6%94%BB%E5%87%BB-5"><span class="nav-number">6.3.</span> <span class="nav-text">攻击</span></a></li></ol></li></ol></div>
      </div>
      <!--/noindex-->

      <div class="site-overview-wrap sidebar-panel">
        <div class="site-author motion-element" itemprop="author" itemscope itemtype="http://schema.org/Person">
    <img class="site-author-image" itemprop="image" alt="shou quan"
      src="/images/avatar.jpg">
  <p class="site-author-name" itemprop="name">shou quan</p>
  <div class="site-description" itemprop="description"></div>
</div>
<div class="site-state-wrap motion-element">
  <nav class="site-state">
      <div class="site-state-item site-state-posts">
          <a href="/archives/">
        
          <span class="site-state-item-count">26</span>
          <span class="site-state-item-name">日志</span>
        </a>
      </div>
      <div class="site-state-item site-state-categories">
            <a href="/categories/">
          
        <span class="site-state-item-count">13</span>
        <span class="site-state-item-name">分类</span></a>
      </div>
      <div class="site-state-item site-state-tags">
            <a href="/tags/">
          
        <span class="site-state-item-count">22</span>
        <span class="site-state-item-name">标签</span></a>
      </div>
  </nav>
</div>


  <div class="links-of-blogroll motion-element">
    <div class="links-of-blogroll-title">
      <i class="fa fa-fw fa-link"></i>
      小伙伴们
    </div>
    <ul class="links-of-blogroll-list">
        <li class="links-of-blogroll-item">
          <a href="http://zkwanp.com/" title="http:&#x2F;&#x2F;zkwanp.com" rel="noopener" target="_blank">这款顽皮</a>
        </li>
        <li class="links-of-blogroll-item">
          <a href="http://www.xiaoludingding.top/" title="http:&#x2F;&#x2F;www.xiaoludingding.top" rel="noopener" target="_blank">小鹿叮叮纸尿裤</a>
        </li>
    </ul>
  </div>

      </div>

    </div>
  </aside>
  <div id="sidebar-dimmer"></div>


      </div>
    </main>

    <footer class="footer">
      <div class="footer-inner">
        

<div class="copyright">
  
  &copy; 
  <span itemprop="copyrightYear">2021</span>
  <span class="with-love">
    <i class="fa fa-user"></i>
  </span>
  <span class="author" itemprop="copyrightHolder">shou quan</span>
</div>
  <div class="powered-by">由 <a href="https://hexo.io/" class="theme-link" rel="noopener" target="_blank">Hexo</a> 强力驱动 v5.3.0
  </div>
  <span class="post-meta-divider">|</span>
  <div class="theme-info">主题 – <a href="https://mist.theme-next.org/" class="theme-link" rel="noopener" target="_blank">NexT.Mist</a> v7.7.2
  </div>

        








      </div>
    </footer>
  </div>

  
  <script src="/lib/anime.min.js"></script>
  <script src="/lib/velocity/velocity.min.js"></script>
  <script src="/lib/velocity/velocity.ui.min.js"></script>

<script src="/js/utils.js"></script>

<script src="/js/motion.js"></script>


<script src="/js/schemes/muse.js"></script>


<script src="/js/next-boot.js"></script>




  















  

  


<script>
NexT.utils.loadComments(document.querySelector('#valine-comments'), () => {
  NexT.utils.getScript('//unpkg.com/valine/dist/Valine.min.js', () => {
    var GUEST = ['nick', 'mail', 'link'];
    var guest = 'nick,mail,link';
    guest = guest.split(',').filter(item => {
      return GUEST.includes(item);
    });
    new Valine({
      el         : '#valine-comments',
      verify     : false,
      notify     : false,
      appId      : 'eTrO8AWvxgIw1eLbKw8iikkE-gzGzoHsz',
      appKey     : 'EcMtYpxCRefmUxWAVnp1NEn2',
      placeholder: "快来·~ ◑ω◐",
      avatar     : 'mm',
      meta       : guest,
      pageSize   : '10' || 10,
      visitor    : true,
      lang       : 'zh-cn' || 'zh-cn',
      path       : location.pathname,
      recordIP   : true,
      serverURLs : ''
    });
  }, window.Valine);
});
</script>

</body>
</html>
